1 files changed, 45 insertions, 15 deletions
diff --git a/kernel/audit.c b/kernel/audit.c
index 09a37581213b..644ab825118b 100644
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -106,6 +106,7 @@ static LIST_HEAD(audit_freelist);
 static struct sk_buff_head audit_skb_queue;
 static struct task_struct *kauditd_task;
 static DECLARE_WAIT_QUEUE_HEAD(kauditd_wait);
+static DECLARE_WAIT_QUEUE_HEAD(audit_backlog_wait);
 /* The netlink socket is only to be read by 1 CPU, which lets us assume
 * that list additions and deletions never happen simultaneously in
@@ -130,6 +131,7 @@ struct audit_buffer {
        struct list_head     list;
        struct sk_buff       *skb;      /* formatted skb ready to send */
        struct audit_context *ctx;      /* NULL or associated context */
+        int                  gfp_mask;
 };
 static void audit_set_pid(struct audit_buffer *ab, pid_t pid)
@@ -226,7 +228,7 @@ static int audit_set_rate_limit(int limit, uid_t loginuid)
 {
        int old          = audit_rate_limit;
        audit_rate_limit = limit;
-        audit_log(NULL, AUDIT_CONFIG_CHANGE, 
+        audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE, 
                        "audit_rate_limit=%d old=%d by auid=%u",
                        audit_rate_limit, old, loginuid);
        return old;
@@ -236,7 +238,7 @@ static int audit_set_backlog_limit(int limit, uid_t loginuid)
 {
        int old          = audit_backlog_limit;
        audit_backlog_limit = limit;
-        audit_log(NULL, AUDIT_CONFIG_CHANGE,
+        audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE,
                        "audit_backlog_limit=%d old=%d by auid=%u",
                        audit_backlog_limit, old, loginuid);
        return old;
@@ -248,7 +250,7 @@ static int audit_set_enabled(int state, uid_t loginuid)
        if (state != 0 && state != 1)
                return -EINVAL;
        audit_enabled = state;
-        audit_log(NULL, AUDIT_CONFIG_CHANGE,
+        audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE,
                        "audit_enabled=%d old=%d by auid=%u",
                        audit_enabled, old, loginuid);
        return old;
@@ -262,7 +264,7 @@ static int audit_set_failure(int state, uid_t loginuid)
            && state != AUDIT_FAIL_PANIC)
                return -EINVAL;
        audit_failure = state;
-        audit_log(NULL, AUDIT_CONFIG_CHANGE,
+        audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE,
                        "audit_failure=%d old=%d by auid=%u",
                        audit_failure, old, loginuid);
        return old;
@@ -274,6 +276,7 @@ int kauditd_thread(void *dummy)
        while (1) {
                skb = skb_dequeue(&audit_skb_queue);
+                wake_up(&audit_backlog_wait);
                if (skb) {
                        if (audit_pid) {
                                int err = netlink_unicast(audit_sock, skb, audit_pid, 0);
@@ -417,7 +420,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
                if (status_get->mask & AUDIT_STATUS_PID) {
                        int old   = audit_pid;
                        audit_pid = status_get->pid;
-                        audit_log(NULL, AUDIT_CONFIG_CHANGE,
+                        audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE,
                                "audit_pid=%d old=%d by auid=%u",
                                  audit_pid, old, loginuid);
                }
@@ -435,7 +438,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
                err = audit_filter_user(pid, msg_type);
                if (err == 1) {
                        err = 0;
-                        ab = audit_log_start(NULL, msg_type);
+                        ab = audit_log_start(NULL, GFP_KERNEL, msg_type);
                        if (ab) {
                                audit_log_format(ab,
                                                 "user pid=%d uid=%u auid=%u msg='%.1024s'",
@@ -522,7 +525,7 @@ static int __init audit_init(void)
        skb_queue_head_init(&audit_skb_queue);
        audit_initialized = 1;
        audit_enabled = audit_default;
-        audit_log(NULL, AUDIT_KERNEL, "initialized");
+        audit_log(NULL, GFP_KERNEL, AUDIT_KERNEL, "initialized");
        return 0;
 }
 __initcall(audit_init);
@@ -586,6 +589,7 @@ static struct audit_buffer * audit_buffer_alloc(struct audit_context *ctx,
                goto err;
        ab->ctx = ctx;
+        ab->gfp_mask = gfp_mask;
        nlh = (struct nlmsghdr *)skb_put(ab->skb, NLMSG_SPACE(0));
        nlh->nlmsg_type = type;
        nlh->nlmsg_flags = 0;
@@ -644,17 +648,42 @@ static inline void audit_get_stamp(struct audit_context *ctx,
 * syscall, then the syscall is marked as auditable and an audit record
 * will be written at syscall exit.  If there is no associated task, tsk
 * should be NULL. */
-struct audit_buffer *audit_log_start(struct audit_context *ctx, int type)
+struct audit_buffer *audit_log_start(struct audit_context *ctx, int gfp_mask,
+                                     int type)
 {
        struct audit_buffer     *ab     = NULL;
        struct timespec         t;
        unsigned int            serial;
+        int reserve;
        if (!audit_initialized)
                return NULL;
-        if (audit_backlog_limit
+        if (gfp_mask & __GFP_WAIT)
-            && skb_queue_len(&audit_skb_queue) > audit_backlog_limit) {
+                reserve = 0;
+        else
+                reserve = 5; /* Allow atomic callers to go up to five 
+                                entries over the normal backlog limit */
+        while (audit_backlog_limit
+               && skb_queue_len(&audit_skb_queue) > audit_backlog_limit + reserve) {
+                if (gfp_mask & __GFP_WAIT) {
+                        int ret = 1;
+                        /* Wait for auditd to drain the queue a little */
+                        DECLARE_WAITQUEUE(wait, current);
+                        set_current_state(TASK_INTERRUPTIBLE);
+                        add_wait_queue(&audit_backlog_wait, &wait);
+                        if (audit_backlog_limit &&
+                            skb_queue_len(&audit_skb_queue) > audit_backlog_limit)
+                                ret = schedule_timeout(HZ * 60);
+                        __set_current_state(TASK_RUNNING);
+                        remove_wait_queue(&audit_backlog_wait, &wait);
+                        if (ret)
+                                continue;
+                }
                if (audit_rate_check())
                        printk(KERN_WARNING
                               "audit: audit_backlog=%d > "
@@ -665,7 +694,7 @@ struct audit_buffer *audit_log_start(struct audit_context *ctx, int type)
                return NULL;
        }
-        ab = audit_buffer_alloc(ctx, GFP_ATOMIC, type);
+        ab = audit_buffer_alloc(ctx, gfp_mask, type);
        if (!ab) {
                audit_log_lost("out of memory in audit_log_start");
                return NULL;
@@ -689,7 +718,7 @@ static inline int audit_expand(struct audit_buffer *ab, int extra)
 {
        struct sk_buff *skb = ab->skb;
        int ret = pskb_expand_head(skb, skb_headroom(skb), extra,
-                                   GFP_ATOMIC);
+                                   ab->gfp_mask);
        if (ret < 0) {
                audit_log_lost("out of memory in audit_expand");
                return 0;
@@ -808,7 +837,7 @@ void audit_log_d_path(struct audit_buffer *ab, const char *prefix,
                audit_log_format(ab, " %s", prefix);
        /* We will allow 11 spaces for ' (deleted)' to be appended */
-        path = kmalloc(PATH_MAX+11, GFP_KERNEL);
+        path = kmalloc(PATH_MAX+11, ab->gfp_mask);
        if (!path) {
                audit_log_format(ab, "<no memory>");
                return;
@@ -849,12 +878,13 @@ void audit_log_end(struct audit_buffer *ab)
 /* Log an audit record.  This is a convenience function that calls
 * audit_log_start, audit_log_vformat, and audit_log_end.  It may be
 * called in any context. */
-void audit_log(struct audit_context *ctx, int type, const char *fmt, ...)
+void audit_log(struct audit_context *ctx, int gfp_mask, int type, 
+               const char *fmt, ...)
 {
        struct audit_buffer *ab;
        va_list args;
-        ab = audit_log_start(ctx, type);
+        ab = audit_log_start(ctx, gfp_mask, type);
        if (ab) {
                va_start(args, fmt);
                audit_log_vformat(ab, fmt, args);

diff --git a/kernel/audit.c b/kernel/audit.c index 09a37581213b..644ab825118b 100644 --- a/kernel/audit.c +++ b/kernel/audit.c
@@ -106,6 +106,7 @@ static LIST_HEAD(audit_freelist);
106	static struct sk_buff_head audit_skb_queue;	106	static struct sk_buff_head audit_skb_queue;
107	static struct task_struct *kauditd_task;	107	static struct task_struct *kauditd_task;
108	static DECLARE_WAIT_QUEUE_HEAD(kauditd_wait);	108	static DECLARE_WAIT_QUEUE_HEAD(kauditd_wait);
		109	static DECLARE_WAIT_QUEUE_HEAD(audit_backlog_wait);
109		110
110	/* The netlink socket is only to be read by 1 CPU, which lets us assume	111	/* The netlink socket is only to be read by 1 CPU, which lets us assume
111	* that list additions and deletions never happen simultaneously in	112	* that list additions and deletions never happen simultaneously in
@@ -130,6 +131,7 @@ struct audit_buffer {
130	struct list_head list;	131	struct list_head list;
131	struct sk_buff skb; / formatted skb ready to send */	132	struct sk_buff skb; / formatted skb ready to send */
132	struct audit_context ctx; / NULL or associated context */	133	struct audit_context ctx; / NULL or associated context */
		134	int gfp_mask;
133	};	135	};
134		136
135	static void audit_set_pid(struct audit_buffer *ab, pid_t pid)	137	static void audit_set_pid(struct audit_buffer *ab, pid_t pid)
@@ -226,7 +228,7 @@ static int audit_set_rate_limit(int limit, uid_t loginuid)
226	{	228	{
227	int old = audit_rate_limit;	229	int old = audit_rate_limit;
228	audit_rate_limit = limit;	230	audit_rate_limit = limit;
229	audit_log(NULL, AUDIT_CONFIG_CHANGE,	231	audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE,
230	"audit_rate_limit=%d old=%d by auid=%u",	232	"audit_rate_limit=%d old=%d by auid=%u",
231	audit_rate_limit, old, loginuid);	233	audit_rate_limit, old, loginuid);
232	return old;	234	return old;
@@ -236,7 +238,7 @@ static int audit_set_backlog_limit(int limit, uid_t loginuid)
236	{	238	{
237	int old = audit_backlog_limit;	239	int old = audit_backlog_limit;
238	audit_backlog_limit = limit;	240	audit_backlog_limit = limit;
239	audit_log(NULL, AUDIT_CONFIG_CHANGE,	241	audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE,
240	"audit_backlog_limit=%d old=%d by auid=%u",	242	"audit_backlog_limit=%d old=%d by auid=%u",
241	audit_backlog_limit, old, loginuid);	243	audit_backlog_limit, old, loginuid);
242	return old;	244	return old;
@@ -248,7 +250,7 @@ static int audit_set_enabled(int state, uid_t loginuid)
248	if (state != 0 && state != 1)	250	if (state != 0 && state != 1)
249	return -EINVAL;	251	return -EINVAL;
250	audit_enabled = state;	252	audit_enabled = state;
251	audit_log(NULL, AUDIT_CONFIG_CHANGE,	253	audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE,
252	"audit_enabled=%d old=%d by auid=%u",	254	"audit_enabled=%d old=%d by auid=%u",
253	audit_enabled, old, loginuid);	255	audit_enabled, old, loginuid);
254	return old;	256	return old;
@@ -262,7 +264,7 @@ static int audit_set_failure(int state, uid_t loginuid)
262	&& state != AUDIT_FAIL_PANIC)	264	&& state != AUDIT_FAIL_PANIC)
263	return -EINVAL;	265	return -EINVAL;
264	audit_failure = state;	266	audit_failure = state;
265	audit_log(NULL, AUDIT_CONFIG_CHANGE,	267	audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE,
266	"audit_failure=%d old=%d by auid=%u",	268	"audit_failure=%d old=%d by auid=%u",
267	audit_failure, old, loginuid);	269	audit_failure, old, loginuid);
268	return old;	270	return old;
@@ -274,6 +276,7 @@ int kauditd_thread(void *dummy)
274		276
275	while (1) {	277	while (1) {
276	skb = skb_dequeue(&audit_skb_queue);	278	skb = skb_dequeue(&audit_skb_queue);
		279	wake_up(&audit_backlog_wait);
277	if (skb) {	280	if (skb) {
278	if (audit_pid) {	281	if (audit_pid) {
279	int err = netlink_unicast(audit_sock, skb, audit_pid, 0);	282	int err = netlink_unicast(audit_sock, skb, audit_pid, 0);
@@ -417,7 +420,7 @@ static int audit_receive_msg(struct sk_buff skb, struct nlmsghdr nlh)
417	if (status_get->mask & AUDIT_STATUS_PID) {	420	if (status_get->mask & AUDIT_STATUS_PID) {
418	int old = audit_pid;	421	int old = audit_pid;
419	audit_pid = status_get->pid;	422	audit_pid = status_get->pid;
420	audit_log(NULL, AUDIT_CONFIG_CHANGE,	423	audit_log(NULL, GFP_KERNEL, AUDIT_CONFIG_CHANGE,
421	"audit_pid=%d old=%d by auid=%u",	424	"audit_pid=%d old=%d by auid=%u",
422	audit_pid, old, loginuid);	425	audit_pid, old, loginuid);
423	}	426	}
@@ -435,7 +438,7 @@ static int audit_receive_msg(struct sk_buff skb, struct nlmsghdr nlh)
435	err = audit_filter_user(pid, msg_type);	438	err = audit_filter_user(pid, msg_type);
436	if (err == 1) {	439	if (err == 1) {
437	err = 0;	440	err = 0;
438	ab = audit_log_start(NULL, msg_type);	441	ab = audit_log_start(NULL, GFP_KERNEL, msg_type);
439	if (ab) {	442	if (ab) {
440	audit_log_format(ab,	443	audit_log_format(ab,
441	"user pid=%d uid=%u auid=%u msg='%.1024s'",	444	"user pid=%d uid=%u auid=%u msg='%.1024s'",
@@ -522,7 +525,7 @@ static int __init audit_init(void)
522	skb_queue_head_init(&audit_skb_queue);	525	skb_queue_head_init(&audit_skb_queue);
523	audit_initialized = 1;	526	audit_initialized = 1;
524	audit_enabled = audit_default;	527	audit_enabled = audit_default;
525	audit_log(NULL, AUDIT_KERNEL, "initialized");	528	audit_log(NULL, GFP_KERNEL, AUDIT_KERNEL, "initialized");
526	return 0;	529	return 0;
527	}	530	}
528	__initcall(audit_init);	531	__initcall(audit_init);
@@ -586,6 +589,7 @@ static struct audit_buffer * audit_buffer_alloc(struct audit_context *ctx,
586	goto err;	589	goto err;
587		590
588	ab->ctx = ctx;	591	ab->ctx = ctx;
		592	ab->gfp_mask = gfp_mask;
589	nlh = (struct nlmsghdr *)skb_put(ab->skb, NLMSG_SPACE(0));	593	nlh = (struct nlmsghdr *)skb_put(ab->skb, NLMSG_SPACE(0));
590	nlh->nlmsg_type = type;	594	nlh->nlmsg_type = type;
591	nlh->nlmsg_flags = 0;	595	nlh->nlmsg_flags = 0;
@@ -644,17 +648,42 @@ static inline void audit_get_stamp(struct audit_context *ctx,
644	* syscall, then the syscall is marked as auditable and an audit record	648	* syscall, then the syscall is marked as auditable and an audit record
645	* will be written at syscall exit. If there is no associated task, tsk	649	* will be written at syscall exit. If there is no associated task, tsk
646	* should be NULL. */	650	* should be NULL. */
647	struct audit_buffer audit_log_start(struct audit_context ctx, int type)	651
		652	struct audit_buffer audit_log_start(struct audit_context ctx, int gfp_mask,
		653	int type)
648	{	654	{
649	struct audit_buffer *ab = NULL;	655	struct audit_buffer *ab = NULL;
650	struct timespec t;	656	struct timespec t;
651	unsigned int serial;	657	unsigned int serial;
		658	int reserve;
652		659
653	if (!audit_initialized)	660	if (!audit_initialized)
654	return NULL;	661	return NULL;
655		662
656	if (audit_backlog_limit	663	if (gfp_mask & __GFP_WAIT)
657	&& skb_queue_len(&audit_skb_queue) > audit_backlog_limit) {	664	reserve = 0;
		665	else
		666	reserve = 5; /* Allow atomic callers to go up to five
		667	entries over the normal backlog limit */
		668
		669	while (audit_backlog_limit
		670	&& skb_queue_len(&audit_skb_queue) > audit_backlog_limit + reserve) {
		671	if (gfp_mask & __GFP_WAIT) {
		672	int ret = 1;
		673	/* Wait for auditd to drain the queue a little */
		674	DECLARE_WAITQUEUE(wait, current);
		675	set_current_state(TASK_INTERRUPTIBLE);
		676	add_wait_queue(&audit_backlog_wait, &wait);
		677
		678	if (audit_backlog_limit &&
		679	skb_queue_len(&audit_skb_queue) > audit_backlog_limit)
		680	ret = schedule_timeout(HZ * 60);
		681
		682	__set_current_state(TASK_RUNNING);
		683	remove_wait_queue(&audit_backlog_wait, &wait);
		684	if (ret)
		685	continue;
		686	}
658	if (audit_rate_check())	687	if (audit_rate_check())
659	printk(KERN_WARNING	688	printk(KERN_WARNING
660	"audit: audit_backlog=%d > "	689	"audit: audit_backlog=%d > "
@@ -665,7 +694,7 @@ struct audit_buffer audit_log_start(struct audit_context ctx, int type)
665	return NULL;	694	return NULL;
666	}	695	}
667		696
668	ab = audit_buffer_alloc(ctx, GFP_ATOMIC, type);	697	ab = audit_buffer_alloc(ctx, gfp_mask, type);
669	if (!ab) {	698	if (!ab) {
670	audit_log_lost("out of memory in audit_log_start");	699	audit_log_lost("out of memory in audit_log_start");
671	return NULL;	700	return NULL;
@@ -689,7 +718,7 @@ static inline int audit_expand(struct audit_buffer *ab, int extra)
689	{	718	{
690	struct sk_buff *skb = ab->skb;	719	struct sk_buff *skb = ab->skb;
691	int ret = pskb_expand_head(skb, skb_headroom(skb), extra,	720	int ret = pskb_expand_head(skb, skb_headroom(skb), extra,
692	GFP_ATOMIC);	721	ab->gfp_mask);
693	if (ret < 0) {	722	if (ret < 0) {
694	audit_log_lost("out of memory in audit_expand");	723	audit_log_lost("out of memory in audit_expand");
695	return 0;	724	return 0;
@@ -808,7 +837,7 @@ void audit_log_d_path(struct audit_buffer ab, const char prefix,
808	audit_log_format(ab, " %s", prefix);	837	audit_log_format(ab, " %s", prefix);
809		838
810	/* We will allow 11 spaces for ' (deleted)' to be appended */	839	/* We will allow 11 spaces for ' (deleted)' to be appended */
811	path = kmalloc(PATH_MAX+11, GFP_KERNEL);	840	path = kmalloc(PATH_MAX+11, ab->gfp_mask);
812	if (!path) {	841	if (!path) {
813	audit_log_format(ab, "<no memory>");	842	audit_log_format(ab, "<no memory>");
814	return;	843	return;
@@ -849,12 +878,13 @@ void audit_log_end(struct audit_buffer *ab)
849	/* Log an audit record. This is a convenience function that calls	878	/* Log an audit record. This is a convenience function that calls
850	* audit_log_start, audit_log_vformat, and audit_log_end. It may be	879	* audit_log_start, audit_log_vformat, and audit_log_end. It may be
851	* called in any context. */	880	* called in any context. */
852	void audit_log(struct audit_context ctx, int type, const char fmt, ...)	881	void audit_log(struct audit_context *ctx, int gfp_mask, int type,
		882	const char *fmt, ...)
853	{	883	{
854	struct audit_buffer *ab;	884	struct audit_buffer *ab;
855	va_list args;	885	va_list args;
856		886
857	ab = audit_log_start(ctx, type);	887	ab = audit_log_start(ctx, gfp_mask, type);
858	if (ab) {	888	if (ab) {
859	va_start(args, fmt);	889	va_start(args, fmt);
860	audit_log_vformat(ab, fmt, args);	890	audit_log_vformat(ab, fmt, args);